Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

ZERO TRUST (ZT) ENDPOINT & CONNECTED SYSTEMS SME

Zermount, Inc.

ZERO TRUST (ZT) ENDPOINT & CONNECTED SYSTEMS SME

POSITION OVERVIEW

The Zero Trust Systems Engineering Technical SME exists to serve as the agency's primary technical advisor for the CISA ZTMM v2.0 Devices pillar. This role advances TSA's ability to enforce ZT principles at the endpoint level by providing senior-level advisory on device posture management, CDM integration, EDR compliance, and health attestation across its enterprise endpoint environment. The expected outcome is a continuously advancing Devices pillar maturity posture, with device inventory integrity assured, device telemetry actively informing access enforcement, and device posture signals integrated into cross-pillar ZT decisions. This is a senior technical advisory role requiring hands‑on endpoint engineering experience in a federal environment.

DUTIES & RESPONSIBILITIES

General Duties Serve as the primary technical advisor for the CISA ZTMM v2.0 Devices pillar across endpoint security, device posture management, and Continuous Diagnostics and Mitigation integration domains. Continuously assess the agency's device inventory and endpoint security posture against CISA ZTMM v2.0 Devices pillar criteria and NIST SP 800-207; proactively identify emerging device risk indicators and deliver real‑time advisory recommendations. Provide technical advisory guidance on IoT/OT platform strategies (e.g., Microsoft Intune, Jamf), recommending configuration approaches and compliance policy design aligned to ZT principles for agency adoption. Evaluate device telemetry integrity and advise on recommended approaches for integrating device posture signals into ZT access enforcement decisions. Advise on EDR capabilities, patch compliance strategies, and device health attestation approaches; develop recommended solutions for agency review. Provide advisory support for the development and maturation of Devices pillar entries in the Common Control Catalog (CCC), ensuring traceability to NIST SP 800-53 Rev. 5 control families. Develop recommended Devices pillar inputs to the ZT Roadmap, IG FISMA maturity reporting, dashboard scoring, and enterprise performance reporting for agency review and approval. Collaborate with Identity, Network, Data, and Applications SMEs to ensure device posture approaches integrate coherently into cross‑pillar ZT enforcement decisions. Review device‑related policy documents and technical standards; identify gaps relative to ZT mandates and develop recommended updates for agency concurrence. Support all device and endpoint‑related ZT data calls, audits, and compliance reporting by providing advisory analysis and recommended responses. Prepare and present technical findings, maturity assessments, and advisory recommendations to senior leadership and the CISO. Leverage AI‑assisted analysis tools, automation platforms, and prompt engineering techniques to enhance advisory productivity, accelerate gap analysis and documentation tasks, and enable focus on higher‑value technical advisory work; apply all AI capabilities in accordance with agency acceptable use policies and Zermount's ethical AI use guidelines.

SUBJECT MATTER EXPERTISE

SME Area #1 – Endpoint Security, Device Posture Management & CDM Advisory Expert‑level mastery of enterprise endpoint security and device posture management including IoT/OT platform architecture, ZT device compliance policy design, device telemetry, EDR deployment strategy, and device health attestation demonstrated through operational implementation experience. Authoritative knowledge of CDM program components, particularly device inventory and telemetry, CDM data model, and integration pathways for connecting device posture signals to ZT access enforcement decisions. Expert‑level proficiency in MDM/UEM platforms such as Microsoft Intune and Jamf at compliance policy design and architecture depth. Expert‑level knowledge of CISA ZTMM v2.0 Devices pillar criteria, NIST SP 800-207 device trust tenets, OMB M-22-01 EDR requirements, and NIST SP 800-53 Rev. 5 control families. Independent decision‑making authority on Devices pillar advisory scope, posture assessment methodology, and recommended advancement approach. Bring solutions for concurrence. Problem‑solving at the intersection of device enforcement and cross‑pillar integration. Able to identify how device posture gaps create downstream risk in Identity trust decisions and Network access enforcement. SME Area #2 – Enterprise Systems Administration & Infrastructure Foundations Strong foundational knowledge of enterprise endpoint management and systems administration across Windows, macOS, and Linux environments, including Group Policy, configuration management tools, and enterprise imaging processes. Strong foundational knowledge of IoT/OT, including sensors, data processing, connectivity, and legacy systems. Hands‑on experience with enterprise IT infrastructure including virtualization platforms (VMware, Hyper‑V, or equivalent) and their relevance to device posture assessment and ZT workload enforcement. Working knowledge of network fundamentals, including DHCP, DNS, 802.1X, and network access control (NAC), and how device connectivity patterns inform ZT enforcement decisions. Working knowledge of NIST SP 800-161, Asset Supply Chain Risk Management. Foundational understanding of cloud infrastructure (Azure, AWS, or GCP) as it relates to cloud‑managed endpoint solutions, device compliance policy enforcement, and hybrid identity integration. Supports Devices pillar advisory function by enabling technically credible engagement with agency endpoint engineers, systems administrators, and CDM program personnel. Interacts directly with Identity SME on device trust‑to‑identity integration, Network SME on NAC and 802.1X enforcement, and Applications SME on workload access control based on device compliance status.

QUALIFICATIONS

Minimum Requirements A minimum of 10 years of experience in endpoint security, device management, or systems engineering with demonstrated Zero Trust scope. Hands‑on experience implementing ZT‑aligned device posture management using MDM/UEM platforms including Microsoft Intune or Jamf; must extend beyond administration to include ZT compliance policy design. Expert knowledge of CDM program components, particularly device telemetry data flows and integration with ZT access enforcement. Demonstrated familiarity with NIST SP 800-161, NIST SP 800-207, CISA ZTMM v2.0 Devices pillar criteria, OMB M-22-01, and NIST SP 800-53 Rev. 5 control families. Knowledge of EDR platforms, patch management, and device health attestation in federal environments. Demonstrated experience developing and implementing Zero Trust device posture solutions operationally, not limited to policy review or framework mapping. Experience integrating CDM HWAM data or equivalent device inventory signals into ZT access enforcement decisions. Experience supporting ZT‑related IG FISMA metrics reporting pertaining to device management and CDM. Strong written and oral communication skills; ability to translate complex technical findings into CISO‑ready recommendations. Demonstrated familiarity with AI‑assisted analysis tools or prompt engineering; ability to apply AI capabilities ethically to accelerate advisory work and surface higher‑value technical insights. Hands‑on experience with supply chain device security and IoT/OT device management in a federal environment. Preferred Qualifications Five years of IT cybersecurity experience, including direct support to the U.S. Government. This experience can be concurrent with the minimum 10 years of device security experience. Prior direct involvement in a ZT Devices pillar implementation or enterprise ZT deployment in a technical design or advisory capacity. Microsoft Certified: Endpoint Administrator (MD-102) or equivalent MDM/UEM vendor certification. Experience with CDM HWAM data pipeline integration and CDM agency dashboard configuration. Competencies Technical: CISA ZTMM v2.0 Devices pillar, NIST SP 800-207, CDM HWAM, Microsoft Intune, Jamf, EDR platforms, OMB M-22-01, NIST SP 800-53 CM/SI/RA, Windows/macOS/Linux administration, Group Policy, 802.1X, cloud endpoint management, AI‑assisted analysis. Leadership: Technical advisory leadership for Devices pillar; cross‑pillar SME collaboration with Identity, Network, and Applications teams; CISO‑facing technical briefing; advisory engagement with agency endpoint engineers and CDM program personnel. Behavioral: Proactive continuous device posture monitoring orientation; precision in technical assessment and advisory artifact production; continuous learning toward evolving CDM program capabilities and ZT device enforcement standards. Education & Certifications Minimum of a Bachelor of Science (or higher) in Information Technology, Computer Science, Systems Engineering, Cybersecurity, or a related field. Required: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), or equivalent certification. Strongly preferred: Microsoft Certified: Endpoint Administrator (MD-102) or equivalent MDM/UEM vendor certification. Strongly preferred: CompTIA Security+ (acceptable as primary only for candidates with 10+ years demonstrated technical depth and active CISSP/CISM pursuit). Clearance Level Active Secret Clearance required.

WORK LOCATION

Hybrid – Primarily Remote. Occasional onsite work required at the client location in Springfield, VA and Zermount HQ in Arlington, VA.

HOURS OF OPERATION

Business Hours: 8:00 AM EST – 4:30 PM EST Core Hours: 9:00 AM EST – 3:00 PM EST

REPORTING STRUCTURE

Reports To: ZT SME Team Leader Direct Reports: None #J-18808-Ljbffr Zermount, Inc.

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the ZERO TRUST (ZT) ENDPOINT & CONNECTED SYSTEMS SME in Arlington, VA vacancy
  • Zermount, Inc. in Arlington, VA seeks a Zero Trust (ZT) Endpoint & Connected Systems SME to serve as a senior technical advisor. The role requires expertise in endpoint security and device posture management, supporting continuous evaluation and improvement of device compliance... 
    Suggested
    Casual work
    Remote work

    Zermount, Inc.

    Arlington, VA
    1 day ago
  • ZERO TRUST (ZT) NETWORK ARCHITECTURE SME POSITION OVERVIEW The Zero Trust Network Architecture Technical SME...  ...‑as‑Code (IaC), and hybrid connectivity patterns relevant to ZT network enforcement...  ...database network access patterns, systems administration network... 
    Suggested
    Casual work
    Remote work

    Zermount, Inc.

    Arlington, VA
    16 hours ago
  • Zermount, Inc. is seeking a Zero Trust Network Architecture SME in Arlington, VA. This senior advisory role focuses on enhancing the agency's network architecture and ZTNA implementation, requiring extensive experience in network security and compliance with federal standards... 
    Suggested
    Remote work

    Zermount, Inc.

    Arlington, VA
    1 day ago
  •  ...of Cyberspace Operations and Warfighting Communications (A6) Zero Trust (ZT) efforts within the Chief Information Officer (SAF/CN) at the...  ...baseline configuration of technology (e.g. Enterprise IT, Weapons Systems, Industrial Control Systems), System Development Life Cycle (... 
    Suggested
    Work at office
    Local area
    Immediate start

    Streamline Defense

    Arlington, VA
    2 days ago
  •  ...Resilience is seeking experienced Zero Trust Engineer candidates to...  ...development of authenticated, secure connections from untrusted devices in an...  ...would be implemented on endpoints of many form factors that...  ...security, and/or enterprise systems First‑hand experience with... 
    Suggested

    Strategic Analysis Incorporated

    Arlington, VA
    1 day ago
  •  ...Description Job Description ZERO TRUST PROJECT LEAD POSITION DESCRIPTION...  ...Zermount Inc. is seeking a Zero Trust (ZT) Technical Project Lead with...  ...management and control. Provide SME support and technical guidance to information system stakeholders on the... 
    For contractors
    Work experience placement
    Remote work

    Hiring Our Heroes

    Arlington, VA
    24 days ago
  • Entarian is seeking an experienced TIC Systems Engineer to design, implement, and maintain...  .... The role emphasizes TIC 3.0, Zero Trust principles, and effective configuration...  ...IPS, and VPN gateways, and ensure secure connectivity between internal networks and cloud environments... 

    ERT, Inc.

    Arlington, VA
    16 hours ago
  • $99k - $225k

    The Opportunity:Serve as a Zero Trust Architect supporting the Joint Program Office (JPO) and Data Operations Team, responsible for designing, implementing, and advancing Zero Trust security strategies across enterprise and mission-critical environments. Collaborate with... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Arlington, VA
    2 days ago
  • Cybersecurity / Zero Trust Architect - Principal Arlington, VA Are you ready to enhance your skills and build your career in a rapidly...  ...enterprise cybersecurity architectures supporting CDAO mission systems. This role leads the development of Zero Trust Architecture... 
    Work at office
    Work from home
    Home office

    Chenega Corporation

    Arlington, VA
    2 days ago
  • $55k - $59k

    C5OpsNet Tech SETA (Variable Trust Endpoints) Overview Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex...  ...variable‑trust/variable‑security systems and services, Zero Trust concepts, and continuous integrity. Experience with... 
    Full time

    Systems Planning & Analysis

    Arlington, VA
    1 day ago
  • Streamline Defense is looking for an on-site Staff Consultant to support Air Combat Command's Zero Trust efforts at the Pentagon. The role requires a strong background in business or IT, with responsibilities including policy development, cybersecurity training, and collaboration... 

    Streamline Defense

    Arlington, VA
    2 days ago
  • $99k - $225k

    Booz Allen Hamilton in Arlington, Virginia, is seeking a Zero Trust Architect to design and implement advanced security strategies for federal organizations. You will collaborate with stakeholders to ensure secure access to data and applications, focusing on identity-centric... 

    Booz Allen Hamilton

    Arlington, VA
    3 days ago
  • Sev1Tech LLC is seeking a Trusted Internet Connections (TIC) System Engineer in Arlington, Virginia. This role focuses on designing and maintaining secure...  ...perimeter defenses while emphasizing TIC 3.0 and Zero Trust principles. Responsibilities include implementing... 

    Sev1Tech

    Arlington, VA
    1 day ago
  • $107.9k - $195.05k

    Leidos Inc is seeking a Systems Engineer in Arlington, VA, specializing in DevSecOps and identity security. The role involves engineering and maintaining an Identity-as-a-Service (IDaaS) platform supporting the Defense Information Systems Agency (DISA). Responsibilities... 

    Leidos Inc

    Arlington, VA
    3 days ago
  • Leidos is seeking a Systems Engineer with expertise in DevSecOps, identity security, and systems integration to support the Defense Information Systems Agency (DISA). This position is located 100% on-site in Arlington, VA. Key responsibilities include deploying and maintaining... 

    Leidos

    Arlington, VA
    4 days ago
  • COMFORT SYSTEMS is seeking a Systems Engineer in Arlington, VA, to support the Defense Information Systems Agency. The role focuses on engineering and maintaining an Identity-as-a-Service platform with responsibilities including integrating ICAM services and applying DevSecOps... 

    COMFORT SYSTEMS

    Arlington, VA
    1 day ago
  • Koitecc Solutions is seeking a Systems Engineer to support the DISA Compartmented Enterprise Services Office. The role requires strong expertise in DevSecOps and identity security, focusing on the deployment and automation of an Identity-as-a-Service platform. This position... 
    Full time
    Work at office

    Koitecc Solutions

    Arlington, VA
    4 days ago
  •  ...Job Description Job Description ZERO TRUST (ZT) DATA SUBJECT MATTER EXPERT POSITION OVERVIEW...  ...Data Subject Matter Expert (ZT Data SME) exists to provide senior-level advisory...  ..., and disposal across diverse TSA system types. Interacts directly with pillar... 
    Casual work
    Remote work

    Zermount, Inc

    Arlington, VA
    7 days ago
  • $55k - $59k

     ...and network development, with a focus on secure platforms and endpoint security. An active Top Secret clearance is required alongside...  ...degree in a related field. This full-time role offers a salary between $55,000 and $59,000. #J-18808-Ljbffr Systems Planning & Analysis
    Full time

    Systems Planning & Analysis

    Arlington, VA
    4 days ago
  • Zermount Inc. is seeking a Cybersecurity Architect to drive the Zero Trust strategy across a hybrid on‑prem and cloud environment for a Government Agency. The role blends hands‑on engineering with architectural leadership to accelerate authorization to operate, improve... 
    Remote job

    Hiring Our Heroes

    Arlington, VA
    1 day ago
  • A cybersecurity firm is seeking a Cybersecurity Architect & Engineer SME in Arlington, VA. This role involves developing secure enterprise architectures and overseeing automated control assessments across hybrid environments. Ideal candidates should have extensive experience... 
    Remote work

    Zermount, Inc.

    Arlington, VA
    1 day ago
  • Chenega Corporation is seeking a Principal Cybersecurity / Zero Trust Architect in Arlington, VA, to lead the design and implementation of enterprise cybersecurity architectures. This role will direct cybersecurity initiatives within large-scale government operations and... 

    Chenega Corporation

    Arlington, VA
    3 days ago
  • Chenega Corporation in Arlington, VA is seeking a Principal Cybersecurity / Zero Trust Architect to provide senior technical leadership in cybersecurity architecture supporting government operations. The ideal candidate will have 12+ years of experience in federal environments... 

    Chenega Corporation

    Arlington, VA
    2 days ago
  • $132.5k - $338.3k

     ...professionals develop and deliver solutions that protect enterprise systems, applications and data by establishing policies, practices and...  ...with network security concepts and architectures around Zero Trust and Zero Trust Network Access (ZTNA), macro/micro‑segmentation... 
    Work experience placement
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    1 day ago
  • Variable Trust Endpoints Tech SETA-DARPA, TS/SCI Arlington, VA Seeking...  ...enable general purpose clients connected to decentralized services...  ...security, and/or enterprise systems. Substantial experience with...  ...systems and services, concepts of Zero Trust, and continuous... 

    Blue Sky Innovators

    Arlington, VA
    4 days ago
  • $135.2k - $278.5k

     ...solutions. You will design secure architectures, conduct security assessments, and manage tools like firewalls and intrusion detection systems. The successful candidate will have a Bachelor's degree in a relevant field, 10 years of experience in cybersecurity, and must... 

    Accenture

    Arlington, VA
    16 hours ago
  • A government contractor in technology solutions is seeking an experienced Application Architect to support DHS CISA in designing and modernizing mission-critical applications. The role involves defining architecture standards and technical leadership to ensure security ...
    For contractors

    SiloSmashers, Inc.

    Arlington, VA
    1 day ago
  • A technology consulting firm is seeking a Cloud Engineer (Hybrid) in Arlington, VA. This role involves building and optimizing cloud infrastructure for federal contracts, focusing on compliance and security. Ideal candidates will have over five years of experience in cloud...

    SiloSmashers, Inc.

    Arlington, VA
    1 day ago
  • Peraton is seeking a Crypto Product Manager in Arlington, Virginia, to lead the technical strategy for cryptographic services. The role entails driving design decisions, overseeing integration of security protocols, and ensuring alignment with mission needs. The ideal candidate...

    Peraton

    Arlington, VA
    2 days ago
  • $148.8k - $306.5k

    Accenture is seeking a Cybersecurity Architect in Arlington, Virginia, focused on embedding security into the War Data Platform. The role requires a Bachelor's degree and at least 10 years of cybersecurity experience, alongside expert knowledge in security architecture ...

    Accenture

    Arlington, VA
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to ZERO TRUST (ZT) ENDPOINT & CONNECTED SYSTEMS SME. Be the first to apply!